How Not to Expose Yourself on Venmo, Like Matt Gaetz

venmo

Image: Andrew Harrer/Bloomberg via Getty Images

Screen Shot 2021-02-24 at 3

Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.

The strange case against Rep. Matt Gaetz, who is apparently under investigation for an alleged sexual relationship with a girl who was reportedly 17 two years ago, may partially hinge on a Venmo transaction in which Gaetz seems to have incriminated himself.

On Friday, The Daily Beast reported that in May of 2018, Gaetz sent $900 on Venmo to his friend Joel Greenberg, who is an accused sex trafficker. The memo in the payment was “hit up [redacted nickname of underage girl].” The next day, Greenberg sent three payments of $300 to three women, including the underage girl. Gaetz’s transactions on Venmo, including this one, were public until this week, according to the news website

Advertisement

It’s no secret that Venmo payments are public by default. It’s part of the app’s overall attempt to fashion itself as a social media app more than a payments app. 

Screen Shot 2021-04-09 at 11.28.16 AM.png

The first page a user is shown after they create a Venmo account includes these disclaimers. (Image: Motherboard)

Screen Shot 2021-04-09 at 11.29.21 AM.png

In 2018, privacy researcher Do Thi Duc created a project called “Public by Default” in which she explained how she was able to see millions of transactions on the site, and even to “explore the lives of 5 unsuspecting humans who use the Venmo platform,” as she wrote on the project’s website. In another jarring experiment, a programmer created a bot that tweeted photos and names of people who made payments using a particular drug keyword or emoji.

Privacy activists have long criticized Venmo for this choice, and for exposing users’ friends list as well. In fact, Venmo’s privacy decision is so baffling to privacy and security experts that it has almost become a meme at this point. Coincidentally, messaging app Signal announced earlier this week that it would begin to allow for payments in its app, a move that some experts worried could compromise the privacy of its platform because of regulations about financial transactions. 

Advertisement

While we wait for Venmo to do the right thing, you can avoid incriminating yourself with a simple change. 

In your Venmo account, go to Settings, click on Privacy, and set the Default Privacy Settings to Private. This way, all your transactions on the app will only be visible to you and the other person involved. 

venmo-privacy.jpeg

The privacy settings on Venmo’s app. (Image: Motherboard)

Voilà. While we don’t endorse what Gaetz allegedly did, with this setting turned on you won’t embarass yourself telling all your friends that you bought weed, and the name of your pusher. 

Also, it’s worth noting that if you do commit a crime, and leave evidence of it on Venmo, making payments private won’t save you. Police agencies can subpoena Venmo and get records of your private transactions.

Subscribe to our cybersecurity podcast CYBER, here.